Uptime-kuma Project Uptime-kuma — known CVE vulnerabilities
Every CVE whose affected-product data names Uptime-kuma Project Uptime-kuma, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2023-36821 — CVSS 8.8 (high): Uptime Kuma, a self-hosted monitoring tool, allows an authenticated attacker to install a maliciously crafted plugin in versions prior to…
CVE-2023-36822 — CVSS 6.5 (medium): Uptime Kuma, a self-hosted monitoring tool, has a path traversal vulnerability in versions prior to 1.22.1. Uptime Kuma allows…
CVE-2023-25810 — CVSS 6.3 (medium): Uptime Kuma is a self-hosted monitoring tool. In versions prior to 1.20.0 the Uptime Kuma status page allows a persistent XSS attack. Users…
CVE-2023-25811 — CVSS 6.3 (medium): Uptime Kuma is a self-hosted monitoring tool. In versions prior to 1.20.0 the Uptime Kuma `name` parameter allows a persistent XSS attack…